Lucene search

[email protected]CVE-2013-0848

HistoryDec 07, 2013 - 9:55 p.m.

CVE-2013-0848

2013-12-0721:55:09

CWE-119

[email protected]

web.nvd.nist.gov

cve

2013-0848

ffmpeg

libavcodec

huffyuv.c

decode_init

remote

dos

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON

The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access.

Affected configurations

NVD

Node

ffmpegffmpegRange≤1.0

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

ffmpegffmpegMatch0.10.4

ffmpegffmpegMatch0.11

CPENameOperatorVersion
ffmpeg:ffmpegffmpegle1.0
ffmpeg:ffmpegffmpegeq0.3
ffmpeg:ffmpegffmpegeq0.3.1
ffmpeg:ffmpegffmpegeq0.3.2
ffmpeg:ffmpegffmpegeq0.3.3
ffmpeg:ffmpegffmpegeq0.3.4
ffmpeg:ffmpegffmpegeq0.4.0
ffmpeg:ffmpegffmpegeq0.4.2
ffmpeg:ffmpegffmpegeq0.4.3
ffmpeg:ffmpegffmpegeq0.4.4

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	le	1.0
ffmpeg:ffmpeg	ffmpeg	eq	0.3
ffmpeg:ffmpeg	ffmpeg	eq	0.3.1
ffmpeg:ffmpeg	ffmpeg	eq	0.3.2
ffmpeg:ffmpeg	ffmpeg	eq	0.3.3
ffmpeg:ffmpeg	ffmpeg	eq	0.3.4
ffmpeg:ffmpeg	ffmpeg	eq	0.4.0
ffmpeg:ffmpeg	ffmpeg	eq	0.4.2
ffmpeg:ffmpeg	ffmpeg	eq	0.4.3
ffmpeg:ffmpeg	ffmpeg	eq	0.4.4